Porn Clicker Returns to Google Play

Trojan Porn Clicker, masquerading as popular app called Dubsmash, has yet again returned to Google Play Store after being pulled from the offering almost a month ago. Detailed information on this recurring threat is now available on WeLiveSecurity.com. Surfacing for the first time more than month ago, Dubsmash 2 has made its return appearance on Google Play last week. Since then it has been successfully re-uploaded four times – always containing the same malicious code. Although the fake app that bears the malicious code poses no actual harm to the average user, the problem arises with pay-per-click campaigns, as the porn clicker trojan was created to perform click fraud. Once activated, the malware generates a lot of internet traffic, resulting in high bills. Interestingly, ESET found that this app will almost exclusively attack Android devices without a security solution installed.

“If no AV software is installed then Dubsmash 2’s true functionality is activated. The trojan then proceed to request porn links from its server. These links will be loaded every 60 seconds into WebView inside an invisible window,” says Lukáš Štefanko, Malware Researcher at ESET.

About ESET

Since 1987, ESET® has been developing award-winning security software that now helps over 100 million users to Enjoy Safer Technology. Its broad security product portfolio covers all popular platforms and provides businesses and consumers around the world with the perfect balance of performance and proactive protection. The company has a global sales network covering 180 countries, and regional offices in Bratislava, San Diego, Singapore and Buenos Aires. For more information visit www.eset.com or follow us on LinkedIn, Facebook and Twitter.